McDonald's, which has its headquarters in Oak Brook, Ill., asked its business partner, Arc Worldwide, to develop and coordinate the distribution of promotional e-mails. Arc, in turn hired another provider to supervise and manage the e-mail database, which "may have been accessed by that unauthorized third party," McDonald's said in a release and posted on its Web site.
Hackers gained access to names, ages, contact information and other "general preference information." McDonald's says the Internet intruders did not collect Social Security numbers, credit card numbers or sensitive financial information.
McDonald's says law enforcement officials are investigating, and advises if anyone calls claiming to be from the company and asks for personal or financial information, do not respond but rather call a toll-free number the company has provided for reporting such incidents.